ebook img

Surfing the Web Anonymously - The Good and Evil of the Anonymizer PDF

35 Pages·2016·4.56 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Surfing the Web Anonymously - The Good and Evil of the Anonymizer

SANS Institute Information Security Reading Room Surfing the Web Anonymously - The Good and Evil of the Anonymizer ______________________________ Peter Chow Copyright SANS Institute 2019. Author Retains Full Rights. This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. . Surfing the Web Anonymously - s t The Good and Evil of the Anonymizer h g i GIAC  (GSEC)  Gold  Certification   r l l u Author:  Peter  Chow,  [email protected]   f Advisor:  Hamed  Khiabani   s n i a t Accepted:  July  9,  2012   e r   r   o   h Abstract  t Companies  of  all  sizes  spend  large  amounts  ouf  time,  resources,  and  money  to  ensure   that  their  network  resources  and  InternetA  connections  are  not  being  misused.    They   hire  the  best  Information  Technology  pr,ofessionals,  however,  even  the  most   e technically  challenged  end  user,  witht  very  little  technical  skills  can  find  creative   ways  to  circumvent  firewall  rulesu  and  bypass  blocked  websites.  This  paper  will   t describe  how  an  anonymizer  ori  an  anonymous  proxy  can  bypass  firewall  rules  and   t weaken  the  ability  to  enforce  Confidentiality,  Integrity,  and  Availability  (CIA  triad)   s in  a  network  infrastructure.    On  the  other  hand,  an  anonymizer  can  be  used  for  good,   n I and  is  a  useful  way  to  h ide  IP  addresses  to  surf  the  web  anonymously.     S N A S 2 1 0 2 © © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights. Surfing the Web Anonymously –    The Good and Evil of the Anonymizer 2       1. Introduction . s t 1.1. The Dilemma h Companies of all sizes spend large amounts of time, resources, and money to g i r ensure that their network resources and Internet connections are not being misusedl . They l hire the best Information Technology professionals, however, even the most teu chnically f challenged end user, with very little technical skills can find creative ways to circumvent s n firewall rules and bypass blocked websites. This paper will describe ihow an anonymizer a or an anonymous proxy can bypass firewall rules and weaken thet ability to enforce e Confidentiality, Integrity, and Availability (CIA triad) in a ner twork infrastructure. On r the other hand, an anonymizer can be used for good, and is a useful way to hide IP o addresses to surf the web anonymously. h t u 1.2. Background Information A , Anonymizers (anonymous proxy) are products and services that can be used for e t both good and malicious acts. They can provide users with Internet privacy to surf the u t i web anonymously, by masqueratding the person’s real Internet Protocol (IP) address and s substituting it with another IP address. Anonymizer’s tools can also bypass security n I filters set by firewall rules (i.e. Access Control Lists) and access unauthorized websites or S transfer information without corporate consent and thereby reduce the CIA model’s N effectiveness. A All Sa user needs to do is install a proxy application and configure the web browser 2 to point to a proxy website. Thereafter, when accessing websites, the computer will 1 co0nnect to the proxy server, circumvent the firewall ACL rules, and retrieve blocked 2 websites. © In 1997, while studying for his Ph.d in Astrophysics at the University of California, San Diego, Lance Cottrell created the first anonymizer which was Anonymizer.com. Cottrell is an advocate for privacy and established the Kosovo Privacy Project which enabled users to use anonymizer services to report on the 1999 Kosovo war zone without discovery or penalties (Cottrell, 2011). Peter  Chow,  [email protected]       © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights. Surfing the Web Anonymously –    The Good and Evil of the Anonymizer 3       As the Internet continues to grow in popularity, more users are going to the web as their primary source of information. This information includes communication like . email, chat, instant messaging (IM), and social networking sites like Facebook and s t Twitter. Ecommerce and online banking are other areas in which the Internet has h g i influenced the way users are doing business and managing their personal information. r l Many websites today collect personal information about how users are surfing thleir u websites. They gather information on just about everything, from the surfer’fs IP address s to how many times they visited a certain website. Just about every click of the mouse on n i a website can gather valuable and marketable information that can be sold to interested a t companies. Many people are now more aware of this and are learning about how their e r information is gathered, stored on internet cookies and then sent to marketing and r advertising companies like DoubleClick and other adboo t affiliates. Cautious users are h t now turning to anonymizer software and services to maintain their privacy and to u masquerade their true location, IP address. Another reason for masking one’s IP address A , is that it adds a layer of security from malicious attackers while surfing on a public e t network. However, a side affect of using an anonymizer, creative users have found out, is u t that anonymizers have been foundi useful in circumventing corporate firewalls and t s accessing websites that should have been blocked. Figure 1 illustrates when firewall rules n I are applied and the inten ded website is blocked. S N A S 2 1 0 2 ©   Figure 1: Warning Message Peter  Chow,  [email protected]       © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights. Surfing the Web Anonymously –    The Good and Evil of the Anonymizer 4       Figure 2 illustrates how the firewall rules are circumvented by the use of an anonymizer. . s t Access C ontrol List: Internet h Deny all www.youtube.com g i r l www.freeproxy.com Gets access to l www.youtube.com u f Bypasses the s firewall rules n i User wants to access a www.youtube.com website t which has been blocked by the company’s firewall   e Figure 2: Bypassing ACL’s rules r r o 2. How It Works h t 2.1. Example of an Anonymizer u A In a typical network, access by work station is connected to a switch and then on , e to a router that may have a firewall or tproxy server to prevent unauthorized connections. u Figure 3 is an example of a worksttation opening a web browser to www.youtube.com i t URL, being inspected by the firewall and allowed passage thru based on its access s control list or rule sets. n I S N A S 2 1 0 2 ©   Figure 3: Permitted websites Peter  Chow,  [email protected]       © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights. Surfing the Web Anonymously –    The Good and Evil of the Anonymizer 5       Figure 4 illustrates when the Firewall access control list is set to deny passage to the www.youtube.com website. It will block the connection and prevent access and return . an access blocked message to the workstation’s web browser. s t h g i r l l u f s n i a t e r r o h t   Figure 4: Blocked website u A , Figure 5 illustrates when the workstation directs its web browser to an Internet e t anonymizer (proxy server) to connect to the www.youtube.com website. It then bypasses u t the Firewall access control list anid circumvents the rules that prevent it from connecting. t s How this works is when the computer is set up with an anonymizer it will establish a n I secure connection allow ing access to surf websites normally blocked by the firewall, and S as a result unauthorized access is undetected. N A S 2 1 0 2 ©   Figure 5: Access a denied website via anonymizer   Peter  Chow,  [email protected]       © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights. Surfing the Web Anonymously –    The Good and Evil of the Anonymizer 6       2.2. How to do it There are many types of anonymizer applications and associated services. Some . are free of charge like proxify.com and others are commercial grade, such as JonDonym s t h and have a monthly subscription price based on the volume of data used. In this g i example, a free version of the JonDonym Anonymous Proxy Server called (JAP) ANr .ON l has been selected because it is free. l u (JAP) AN.ON is a research project and is free of charge. This appli cfation is s written in the Java programming language and can be installed on a number of different n i operating systems, which include Windows, Macintosh, OS/2, Linux/ UNIX and other a t types of operating systems. JAP allows surfing the Internet aneonymously and undetected r by connecting to the JAP proxy servers located all over thre world (JAP, 2012). JAP can o be downloaded at http://anon.inf.tu-dresden.de/index_en.html (see Appendix A). After h t downloading JAP, follow the installation process (see Appendix B). u A 2.3. Blocked websites , e Corporations configure their firtewall rules (ACL’s) based on a number of factors u which include preventing maliciout s attacks to their network resources. Another factor is i t to prevent internal users from accessing unacceptable or harmful websites. s In this example, thI en corporate firewall is set to prevent access to the website http://www.anonymizS er.com. When a web browser tries to open this website, a warning message is displayN ed indicating “Security risk blocked for your protection” and the A website is not accessible, Figure 6. S 2 1 0 2 ©   Figure 6: Blocked website’s warning message from Firewall Peter  Chow,  [email protected]       © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights. Surfing the Web Anonymously –    The Good and Evil of the Anonymizer 7       Check your IP address setting by opening Windows Internet Explorer web browser and entering www.whatismyip.com in the address box. It indicates that Your IP . address location is 45.112.164.5 (made up IP address for security purposes), Figure 7 s t (Whatismyip.com, 2012). h g i r l l u f s n i a t e r r o h t   Figure 7: Verifying IP address u A 2.4. Launching JAP , e To masquerade your IP address, start and configure the JAP application. t u Step 1: Click on the JAP apt plication icon to launch the program, Figure 8. i t s n I   S Figure 8: Launching JAP application N A Step 2: Turn on JAP Anonymity service by clicking on the “On” radio button, S Figure 9. 2 1 0 2 ©   Figure 9: JAP application interface Peter  Chow,  [email protected]       © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights. Surfing the Web Anonymously –    The Good and Evil of the Anonymizer 8       Step 3: Select the location and service by clicking the down-arrow tab and selecting the “FreeBee – Bolzano”, Figure 10. . s t h g i r l l u f s n i   a t Figure 10: Selecting anonymizer servers e r Step 4: Configure Windows Internet Explorer web browser to use proxy. Open r Internet Explorer and click “Tools” then “Internet Optioons” Figure 11. h t u A , e t u t i t s n I   S Figure 11: Enabling Proxy Server on web browser N Step 5: In Internet Options, click on “Connections” and then click on the “LAN A settings” taSb, Figure 12. 2 1 0 2 ©   Figure 12: Selecting LAN settings Peter  Chow,  [email protected]       © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights. Surfing the Web Anonymously –    The Good and Evil of the Anonymizer 9       Step 6: In the Proxy server box, check the “Use a proxy server for your LAN”. Enter “localhost” in the Address box and “4001” in the Port box. Click the “OK” button . to finish and close “Internet Options” Figure 13. s t h g i r l l u f s n i a t e r r o h   t Figure 13: Entering Proxy Server IP address and Port number u A , Note: Uncheck when not using Proxy server, otherwise normal connections may e t not work. u t i t s Step 7: Testing Proxy settings, open Internet Explorer and enter n I www.whatismyip.com in the address box again. Now your IP Address is 178.33.255.188 S (real IP address assigned by the proxy) which is coming from France and not your real N assigned IP Address of 45.112.164.5 which is located in the United States, Figure 14 A (WhatismySip.com, 2012). 2 1 0 2 ©   Figure 14: Checking IP address with Proxy services enabled Peter  Chow,  [email protected]       © 2012 The SANS Institute Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Author retains full rights.

Description:
addresses to surf the web anonymously. 1.2. Background Information. Anonymizers (anonymous proxy) are products and services that can be used for.
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.